1. Definitions
Controller: You (the customer) who determines the purposes and means of processing personal data.
Processor: HT Bot, processing personal data on behalf of the Controller.
Personal Data: Any information relating to an identified or identifiable natural person.
GDPR: General Data Protection Regulation (EU) 2016/679.
2. Scope of Processing
HT Bot processes personal data solely for providing trading automation services, including:
- User account data: Email addresses, names, authentication tokens
- Trading data: Broker API credentials, trading preferences, transaction logs
- Technical data: IP addresses, device information, usage analytics
- Communication data: Support tickets, chat logs, notifications
3. Data Subject Categories
Personal data relates to the following categories of data subjects:
- HT Bot platform users (individual traders)
- Customer support contacts
- Authorized users of business accounts
4. Security Measures
HT Bot implements appropriate technical and organizational security measures:
- Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access controls: Role-based access with multi-factor authentication
- Infrastructure: SOC 2 compliant cloud providers with regular audits
- Monitoring: 24/7 security monitoring and incident response
- Staff training: Regular data protection training for all personnel
5. Sub-processors
HT Bot may engage sub-processors for specific services. Current sub-processors include:
- Cloud hosting: AWS, Google Cloud (data centers in EU/US)
- Email services: SendGrid, Mailgun (for transactional emails)
- Analytics: Privacy-focused analytics providers
- Support tools: Customer service platforms with GDPR compliance
We will notify you of any changes to sub-processors with 30 days' notice.
6. Data Subject Rights
HT Bot will assist you in fulfilling data subject rights requests:
- Access: Provide data exports within 30 days
- Rectification: Correct inaccurate data promptly
- Erasure: Delete data when legally permissible
- Portability: Provide data in machine-readable format
- Restriction: Limit processing when requested
7. Data Retention
Personal data is retained according to the following schedule:
- Active accounts: Retained while account is active
- Inactive accounts: Deleted after 2 years of inactivity
- Trading logs: Retained for 7 years (regulatory requirement)
- Support data: Deleted after 3 years
8. Data Breach Notification
In case of a personal data breach, HT Bot will:
- Notify you within 72 hours of becoming aware of the breach
- Provide details of the breach, affected data, and remediation steps
- Assist with regulatory notifications if required
- Implement measures to prevent future breaches
9. International Transfers
Data may be transferred outside the EU/EEA only with appropriate safeguards:
- Adequacy decisions: To countries with EU adequacy decisions
- Standard Contractual Clauses: EU-approved SCCs for other transfers
- Certification schemes: Providers with recognized certifications
10. Contact Information
For DPA-related inquiries, contact our support team:
Email: support@ht-b.in
Subject: DPA Inquiry
Response time: Within 5 business days